Fix coverity scan issues in wolfTPM

Author: aidangarske

examples/attestation/activate_credential.c

@@ -192,6 +192,18 @@ int TPM2_ActivateCredential_Example(void* userCtx, int argc, char *argv[])
     }
     printf("Read credential blob and secret from %s, %d bytes\n",
         input, dataSize);
+    /* Validate sizes from file data to prevent buffer overrun */
+    if (activCredIn.credentialBlob.size >
+            sizeof(activCredIn.credentialBlob.buffer)) {
+        printf("Credential blob size %d exceeds buffer\n",
+            activCredIn.credentialBlob.size);
+        goto exit;
+    }
+    if (activCredIn.secret.size > sizeof(activCredIn.secret.secret)) {
+        printf("Secret size %d exceeds buffer\n",
+            activCredIn.secret.size);
+        goto exit;
+    }
 #else
     printf("Can not load credential. File support not enabled\n");
     goto exit;

examples/attestation/make_credential.c

@@ -156,6 +156,10 @@ int TPM2_MakeCredential_Example(void* userCtx, int argc, char *argv[])
     wolfTPM2_GetRandom(&dev, makeCredIn.credential.buffer,
                              makeCredIn.credential.size);
     /* Set the object name */
+    if (name.size > sizeof(makeCredIn.objectName.name)) {
+        printf("Name size %d exceeds buffer\n", name.size);
+        goto exit;
+    }
     makeCredIn.objectName.size = name.size;
     XMEMCPY(makeCredIn.objectName.name, name.name,
             makeCredIn.objectName.size);

examples/pcr/extend.c

@@ -153,15 +153,16 @@ int TPM2_PCR_Extend_Test(void* userCtx, int argc, char *argv[])
     if (fp != XBADFILE) {
         rc = TPM2_GetHashType(alg);
         hashType = (enum wc_HashType)rc;
-        wc_HashInit(&dig, hashType);
-        while (!XFEOF(fp)) {
+        rc = wc_HashInit(&dig, hashType);
+        while (rc == 0 && !XFEOF(fp)) {
             len = XFREAD(dataBuffer, 1, sizeof(dataBuffer), fp);
             if (len > 0) {
-                wc_HashUpdate(&dig, hashType, dataBuffer, (int)len);
+                rc = wc_HashUpdate(&dig, hashType, dataBuffer, (int)len);
             }
         }
         XFCLOSE(fp);
-        wc_HashFinal(&dig, hashType, hash);
+        if (rc == 0)
+            rc = wc_HashFinal(&dig, hashType, hash);
 
         XMEMCPY(cmdIn.pcrExtend.digests.digests[0].digest.H,
                 hash, hashSz);

src/tpm2_linux.c

@@ -144,17 +144,11 @@ int TPM2_LINUX_SendCommand(TPM2_CTX* ctx, TPM2_Packet* packet)
                     rspSz = (int)ret;
                     rc = TPM_RC_SUCCESS;
                 }
-                else if (ret == 0) {
-                #ifdef DEBUG_WOLFTPM
-                    printf("Received EOF(0) from %s: errno %d = %s\n",
-                        TPM2_LINUX_DEV, errno, strerror(errno));
-                #endif
-                    rc = TPM_RC_FAILURE;
-                }
                 else {
                 #ifdef DEBUG_WOLFTPM
-                    printf("Failed to read from %s: errno %d = %s\n",
-                        TPM2_LINUX_DEV, errno, strerror(errno));
+                    printf("Failed to read from %s (ret %zd): errno %d"
+                        " = %s\n", TPM2_LINUX_DEV, ret, errno,
+                        strerror(errno));
                 #endif
                     rc = TPM_RC_FAILURE;
                 }

src/tpm2_param_enc.c

@@ -209,6 +209,14 @@ static int TPM2_ParamEnc_XOR(TPM2_AUTH_SESSION *session, TPM2B_AUTH* sessKey,
         return BUFFER_E;
     }
 
+    /* Validate source key sizes to prevent overrun of source buffers */
+    if (sessKey->size > sizeof(sessKey->buffer)) {
+        return BUFFER_E;
+    }
+    if (bindKey != NULL && bindKey->size > sizeof(bindKey->buffer)) {
+        return BUFFER_E;
+    }
+
     /* Validate key sizes before copy to prevent buffer overflow */
     if (sessKey->size + bindKeySz > sizeof(keyIn.buffer)) {
         return BUFFER_E;
@@ -264,6 +272,14 @@ static int TPM2_ParamDec_XOR(TPM2_AUTH_SESSION *session, TPM2B_AUTH* sessKey,
         return BUFFER_E;
     }
 
+    /* Validate source key sizes to prevent overrun of source buffers */
+    if (sessKey->size > sizeof(sessKey->buffer)) {
+        return BUFFER_E;
+    }
+    if (bindKey != NULL && bindKey->size > sizeof(bindKey->buffer)) {
+        return BUFFER_E;
+    }
+
     /* Validate key sizes before copy to prevent buffer overflow */
     if (sessKey->size + bindKeySz > sizeof(keyIn.buffer)) {
         return BUFFER_E;
@@ -321,6 +337,14 @@ static int TPM2_ParamEnc_AESCFB(TPM2_AUTH_SESSION *session, TPM2B_AUTH* sessKey,
         return BUFFER_E;
     }
 
+    /* Validate source key sizes to prevent overrun of source buffers */
+    if (sessKey->size > sizeof(sessKey->buffer)) {
+        return BUFFER_E;
+    }
+    if (bindKey != NULL && bindKey->size > sizeof(bindKey->buffer)) {
+        return BUFFER_E;
+    }
+
     /* Validate key sizes before copy to prevent buffer overflow */
     if (sessKey->size + bindKeySz > sizeof(keyIn.buffer)) {
         return BUFFER_E;
@@ -387,6 +411,14 @@ static int TPM2_ParamDec_AESCFB(TPM2_AUTH_SESSION *session, TPM2B_AUTH* sessKey,
         return BUFFER_E;
     }
 
+    /* Validate source key sizes to prevent overrun of source buffers */
+    if (sessKey->size > sizeof(sessKey->buffer)) {
+        return BUFFER_E;
+    }
+    if (bindKey != NULL && bindKey->size > sizeof(bindKey->buffer)) {
+        return BUFFER_E;
+    }
+
     /* Validate key sizes before copy to prevent buffer overflow */
     if (sessKey->size + bindKeySz > sizeof(keyIn.buffer)) {
         return BUFFER_E;

src/tpm2_wrap.c

@@ -123,7 +123,9 @@ static int wolfTPM2_Init_ex(TPM2_CTX* ctx, TPM2HalIoCb ioCb, void* userCtx,
     rc = TPM2_Init_ex(ctx, ioCb, userCtx, timeoutTries);
 #endif
     if (rc != TPM_RC_SUCCESS) {
+    #ifdef DEBUG_WOLFTPM
         printf("TPM2_Init failed 0x%x: %s\n", rc, wolfTPM2_GetRCString(rc));
+    #endif
         return rc;
     }
 #ifdef DEBUG_WOLFTPM